Initiative-S Scanner
Fraud
Phishing Check
If your domain is listed on a phishing blacklist, it has probably been misused for [phishing purposes] and reported to the list operator.
Criminals gain access to the website and deposit malicious code there. They copy known websites in order to obtain sensitive data such as passwords, credit card numbers and other personal data of the site visitors via these fake sites.
Your website has probably already been abused by criminals.
If your domain was found in a phishing list:
Take the website offline!
It is possible for you to provide phishing content with the website and for criminals to collect personal information with it. It also prevents Google from removing your website from the index, which would cancel any positive ranking. This will also prevent your provider/host from blocking your website.
-
Find out how and when strangers were able to access your domain. Check your log files for unauthorized access from unknown source IP addresses. The time stamp of the manipulated or uploaded file could serve as the starting point for your search and give you an indication of the time of the attack and the so-called gateway.
-
Change your access data!
-
Web frontend (hosting contract, content management system)
-
FTP, SSH accesses
-
Database - use strong passwords
-
Import a malware-free backup! Delete all files on your webspace. This ensures that you do not take over any foreign files that the attackers use as "back doors" from the previously compromised environment. Before restoring, check whether your backup already contains the malicious code found by us and use an even older backup if necessary. If the backup is "malware-free", restore it and then update the system. Only then do you put the website online again.
-
If you do not have a backup of your website, consider a complete new installation. Manual cleanups usually take much more time and should only be carried out by qualified personnel.
-
Check your local computers for malware! On the website botfrei.de you will find help and programs. With the help of the DE-Cleaner you can clean your PC of different malware. (https://www.botfrei.de/de/eucleaner/index.html)
Phishing-Check
Your domain was found in a phishing list.
Your domain was not found in any phishing list known to us.
Fraud
Malware Check
[Malware] is software that can cause damage to a computer and ultimately to its owner. Malware refers to all types of harmful programs such as [viruses], [trojans], [spyware], [dialers], [droppers], [rootkits] and [keyloggers].
Criminals gain access to the website and deposit malicious code there in order to install [malware] on visitors' computers via [Drive-by-Downloads].
When the page is accessed, there is a risk that the visitor's computer will be infected with malicious code.
If your domain was found in a malware list:
It is possible that you are providing malware content with the website. It also prevents Google from removing your website from the index, which would cancel any positive ranking. This will also prevent a possible blocking of your website by your provider/host.
-
Find out how and when strangers were able to access your domain. Check your log files for unauthorized access from unknown source IP addresses. The time stamp of the manipulated or uploaded file could serve as the starting point for your search and give you an indication of the time of the attack and the so-called gateway.
-
Change your access data!
-
Web frontend (hosting contract, content management system)
-
FTP, SSH accesses
-
Database - use strong passwords
-
Import a malware-free backup! Delete all files on your webspace. This ensures that you do not take over any foreign files that the attackers use as "back doors" from the previously compromised environment. Before restoring, check whether your backup already contains the malicious code found by us and use an even older backup if necessary. If the backup is "malware-free", restore it and then update the system. Only then do you put the website online again.
-
If you do not have a backup of your website, consider a complete new installation. Manual cleanups usually take much more time and should only be carried out by qualified personnel.
-
Check your local computers for malware! On the website botfrei.de you will find help and programs. With the help of the DE-Cleaner you can clean your PC of different malware. (https://www.botfrei.de/de/eucleaner/index.html)
Malware-Check
Your domain was found in malware lists
Your domain was not found in any known malware list.
Attacks
Botnet Check
Botnet refers to a number of devices that are connected via the Internet and on which at least one [[Bot]] is running.
Malicious bots can be used to send e-mail spam or for DDoS attacks, among other things.
A system integrated into a botnet can respond to remote commands from cybercriminals as soon as it is connected to the Internet. This allows the system to be used unnoticed for sending [[spam]], performing [[DDoS|DDoS attacks]] or [[phishing]]. A botnet maintains and expands itself by spreading the corresponding malware and thus infecting other computers.
Wenn Ihre Domain in einer Botnet-Liste gefunden wurde:
Es ist möglich, dass Sie mit der Webseite Malware-Inhalte zur Verfügung stellen. Auch vermeiden Sie damit, dass Google Ihre Webseite aus dem Index nimmt, was ein eventuelles positives Ranking annullieren würde. So kommen Sie auch einer eventuellen Sperre Ihrer Webseite seitens Ihres Providers/Hosters zuvor.
-
Stellen Sie fest, wie und wann es Fremden möglich war, auf Ihre Domain zuzugreifen. Überprüfen Sie Ihre Logdateien auf unberechtigte Zugriffe von unbekannten Quell-IP-Adressen. Als Ausgangspunkt Ihrer Recherche könnte Ihnen der Zeitstempel der manipulierten, bzw. hochgeladenen Datei dienen und einen Hinweis auf den Zeitpunkt der Attacke und das sogenannte Einfallstor geben.
-
Ändern Sie Ihre Zugangsdaten!
-
Webfrontend (Hosting-Vertrag, Content-Management-System)
-
FTP-, SSH-Zugänge
-
Datenbank - starke Passwörter nutzen
-
Spielen Sie ein schadcodefreies Backup ein! Löschen Sie hierzu sämtliche Dateien auf Ihrem Webspace. Damit stellen Sie sicher, dass Sie keine Fremddateien, die den Angreifern als [[Backdoor|"Hintertüren"]] dienen aus der vormals kompromittierten Umgebung übernehmen. Überprüfen Sie vor der Wiederherstellung, ob Ihr Backup bereits den von uns gefundenen Schadcode beinhaltet und greifen Sie bei Bedarf auf eine noch ältere Sicherung zurück. Sollte das Backup "schadcodefrei" sein, stellen Sie dieses wieder her und führen danach die Updates im System durch. Erst dann stellen Sie die Webseite wieder online.
-
Sollten Sie keine Sicherung Ihres Internetauftrittes besitzen, ziehen Sie eine komplette Neuinstallation in Betracht. Manuelle Bereinigungen nehmen in der Regel sehr viel mehr Zeit in Anspruch und sollten nur von Fachpersonal durchgeführt werden.
-
Überprüfen Sie Ihre lokalen Rechner auf Schadsoftware! Unter der Webseite botfrei.de finden Sie dazu Hilfestellungen und Programme. Mit Hilfe des DE-Cleaners können Sie Ihren PC von verschiedenen Schadprogrammen säubern. (https://www.botfrei.de/de/eucleaner/index.html)
Botnet-Check
Ihre Domain wurde in Botnet-Listen gefunden
Ihre Domain wurde in keiner uns bekannten Botnet-Liste gefunden.
advertising
Spam-Check
If your domain is listed in a spam list, it is likely to have been advertised in an unsolicited email and reported to the list operator.
Spam is the term used to describe unwanted and sometimes dubious advertising in an e-mail box (e.g. Viagra advertising, medication, insurance and credit comparisons). These advertisements are sent in large quantities, but can also be sent in a targeted manner.
If your domain is on a spam list, your legitimate emails may no longer be delivered. In addition, the reputation of your domain can be negatively affected.
Try to figure out why you were listed. Contact the list operator and ask them to remove your domain from the list.
Spam-Check
Your domain was found in spam lists.
Your domain was not found in any known spam list.
In <a href=":LISTURL" target=":LISTNAME">:LISTNAME</a> your domain :DOMAIN was found.
In <a href=":LISTURL" target=":LISTNAME">:LISTNAME</a> your IP :IP was found.